[solardev]

HAR files are big and it seems like overkill to send them every time. Can't you make just make a client side fetch to an error reporting service? i.e. if the app detects a 400, then it sends a (no auth required) payload of the failed request & response, with secrets sanitized, to another error reporting endpoint.

[royalghost]

That's a good point. The app actually uses an openid-connect library on the client side for OIDC flow with the authorization server. Since the apps delegates the flow to the library it does not have a full control over error handling.

[d0100]

Use Sentry or just monkey patch fetch to log errors